Friday, July 12, 2024
- Advertisement -

    Latest Posts

    BSNL Undergoes Data Breach with 278 GB of Data Compromised

    Bharat Sanchar Nigam Limited (BSNL) has undergone a data breach with the threat actor involved claiming 278 GB of data from the company’s operations. This includes sensitive information such as international mobile subscriber identity (IMSI) numbers, SIM card details, home location register data, and critical security keys, according to a report by the Economic Times. 

    The data breach by threat actor kiberphant0m (who priced it at USD 5000) was first flagged by digital risk management firm Athenian Technology. The company states that the breached data includes server snapshots, which can be misused for SIM cloning. This is reportedly the second breach of BSNL data within the past six months. Prior to this, the telecom company underwent a major cybersecurity situation in 2017 when 60,000 BSNL modems were affected by the malware causing them to automatically switch off. 

    Why it matters?

    Two data breaches in such a short span of time signal that BSNL needs to put in place stronger cybersecurity measures. The situation becomes particularly concerning because, in 2020, the Government of India mandated the use of BSNL and MTNL by all Ministries/Departments of the Government of India, including central autonomous bodies. As such, a breach in BSNL’s database could potentially compromise sensitive information related to government communications and infrastructure.

    Further as flagged by Athenian Technology, the data leaked as a result of this breach could be used for SIM cloning. This technique allows bad actors to use a person’s SIM card on another device. It means that if your SIM has been cloned any sensitive information you receive on your phone (like one-time passwords required when making a transaction) could be accessed by the bad actor. 

    Cybersecurity measures brought in by the Telecom Act

    Under section 22 of the Telecommunication Act, 2023 the government can provide measures to protect and ensure the cybersecurity of telecommunication networks and telecommunication services. The measures introduced may include the collection, analysis, and dissemination of traffic data that is generated, transmitted, received or stored in telecommunication networks. With this section coming into operation as of June 26, it remains to be seen what kind of measures the government would prescribe to ensure network security, especially after this breach.  

    Also read:

    The post BSNL Undergoes Data Breach with 278 GB of Data Compromised appeared first on MEDIANAMA.

    Latest Posts

    - Advertisement -

    Don't Miss

    Stay in touch

    To be updated with all the latest news, offers and special announcements.